package com.wmzdq.security;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.stereotype.Component;
import org.springframework.stereotype.Service;

import com.wmzdq.common.IMenuService;
import com.wmzdq.dto.Tmenu;


//权限管理器，获取所有权限，和访问url需要的权限
public class SecurityMetadataSource implements FilterInvocationSecurityMetadataSource {

    private static Map<String, Collection<ConfigAttribute>> resourceMap = null;
	//private Map<String, Collection<ConfigAttribute>> resourceMap = null;

    private IMenuService menuService;
    

    public SecurityMetadataSource(IMenuService menuService){
        this.menuService = menuService;
    }
    public IMenuService getMenuService()
    {
        return menuService;
    }

    public void setMenuService(IMenuService menuService)
    {
        this.menuService = menuService;
    }

    /**
     * 加载所有资源与权限的关系
     */
    private void loadResourceDefine() {
        if (resourceMap == null) {
        	initMapData();
        }
    }
    
    private synchronized void initMapData(){
    	resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
        //List<Resource> resources = resourceMapper..queryAllResources();
        List<Tmenu> funcItems = menuService.getAll();
        for (Tmenu menu : funcItems) {
            Collection<ConfigAttribute> configAttributes = new ArrayList<ConfigAttribute>();
            ConfigAttribute configAttribute = new SecurityConfig(menu.getUrl());
            configAttributes.add(configAttribute);
            resourceMap.put(menu.getUrl(), configAttributes);
        }
        /*String indexUrl = "/index.jsp";
        Collection<ConfigAttribute> configAttributes = new ArrayList<ConfigAttribute>();
        ConfigAttribute configAttribute = new SecurityConfig(indexUrl);
        configAttributes.add(configAttribute);
        resourceMap.put(indexUrl, configAttributes);*/
    }

    
    /**
     * 返回所请求资源所需要的权限
     */
    @Override
    public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
        // TODO Auto-generated method stub
        loadResourceDefine();

        String url = ((FilterInvocation) object).getRequestUrl();
        int firstQuestionMarkIndex = url.indexOf("?");
        if (firstQuestionMarkIndex != -1) {
            url = url.substring(0, firstQuestionMarkIndex);
        }
        HttpServletRequest request = ((FilterInvocation) object).getRequest();

        Iterator<String> ite = resourceMap.keySet().iterator();
        while (ite.hasNext()) {
            String resURL = ite.next();
            RequestMatcher urlMatcher = new AntPathRequestMatcher(resURL);
            if (urlMatcher.matches(request)) {
                return resourceMap.get(resURL);
            }
        }
        return null;
    }
    

    public Collection<ConfigAttribute> getAllConfigAttributes() {
        return null;
    }

    public boolean supports(Class<?> clazz) {
        return true;
    }
}